Logfile of HijackThis v1.99.1
Scan saved at 22:55:56, on 29/09/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
e:\Program Files\ewido\security suite\ewidoctrl.exe
e:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\mssearchnet.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\System32\taskswitch.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\AdsGone\adsgone.exe
E:\Common\Bin\WinCinemaMgr.exe
E:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\den\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.karoo.co.uk/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
O4 - HKLM\..\Run: [PowerMenu] "%systemroot%\system32\powermenu.exe" -hideself on
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [System] C:\WINDOWS\csrss.exe
O4 - Startup: AdsGone.lnk = E:\Program Files\AdsGone\adsgone.exe
O4 - Global Startup: AdsGone 2004.lnk = E:\Program Files\AdsGone\adsgone.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0A81E2F1-EA55-1989-9D98-3A7B13760ACA} - http://66.246.197.126/1/gdnNL2218.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {59499385-ADB6-14FF-B4FD-0595700B10B2} - http://66.246.197.126/1/gdnNL1865.exe
O16 - DPF: {5E64B8C1-9403-5AED-CA16-127A19D7C3CB} - http://66.246.197.126/1/gdnNL1865.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7509B68D-4F7C-5EB1-B942-57946B05B2CD} - http://66.246.197.126/1/gdnNL1865.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{796CE7E6-223A-48AC-A872-CF011DB33A50}: NameServer = 213.249.130.100,212.50.160.100
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: tcpG4T - tcpG4T.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - e:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - e:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
thanks any help is much appreciated.
fatlad